"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "include/tests_databases" between
lynis-3.0.1.tar.gz and lynis-3.0.2.tar.gz

About: Lynis is a security and system auditing tool.

tests_databases  (lynis-3.0.1):tests_databases  (lynis-3.0.2)
skipping to change at line 42 skipping to change at line 42
MYSQL_RUNNING=0 MYSQL_RUNNING=0
DATABASE_ENGINE_RUNNING=0 DATABASE_ENGINE_RUNNING=0
MONGODB_RUNNING=0 MONGODB_RUNNING=0
POSTGRESQL_RUNNING=0 POSTGRESQL_RUNNING=0
ORACLE_RUNNING=0 ORACLE_RUNNING=0
DB2_RUNNING=0 DB2_RUNNING=0
REDIS_RUNNING=0 REDIS_RUNNING=0
# #
################################################################################ # ################################################################################ #
# #
InsertSection "Databases" InsertSection "${SECTION_DATABASES}"
# Test : DBS-1804 # Test : DBS-1804
# Description : Check if MySQL is being used # Description : Check if MySQL is being used
Register --test-no DBS-1804 --weight L --network NO --category security --de scription "Checking active MySQL process" Register --test-no DBS-1804 --weight L --network NO --category security --de scription "Checking active MySQL process"
if [ ${SKIPTEST} -eq 0 ]; then if [ ${SKIPTEST} -eq 0 ]; then
FIND=$(${PSBINARY} ax | ${EGREPBINARY} "mysqld|mysqld_safe" | ${GREPBINA RY} -v "grep") FIND=$(${PSBINARY} ax | ${EGREPBINARY} "mysqld|mysqld_safe" | ${GREPBINA RY} -v "grep")
if [ -z "${FIND}" ]; then if [ -z "${FIND}" ]; then
if [ ${DEBUG} -eq 1 ]; then Display --indent 2 --text "- MySQL proce ss status" --result "${STATUS_NOT_FOUND}" --color WHITE --debug; fi if [ ${DEBUG} -eq 1 ]; then Display --indent 2 --text "- MySQL proce ss status" --result "${STATUS_NOT_FOUND}" --color WHITE --debug; fi
LogText "Result: MySQL process not active" LogText "Result: MySQL process not active"
else else
skipping to change at line 89 skipping to change at line 89
# Test : DBS-1816 # Test : DBS-1816
# Description : Check empty MySQL root password # Description : Check empty MySQL root password
# Notes : Only perform test when MySQL is running and client is availa ble # Notes : Only perform test when MySQL is running and client is availa ble
if [ -n "${MYSQLCLIENTBINARY}" -a ${MYSQL_RUNNING} -eq 1 ]; then PREQS_MET=" YES"; SKIPREASON=""; else PREQS_MET="NO"; SKIPREASON="MySQL not installed, or no t running"; fi if [ -n "${MYSQLCLIENTBINARY}" -a ${MYSQL_RUNNING} -eq 1 ]; then PREQS_MET=" YES"; SKIPREASON=""; else PREQS_MET="NO"; SKIPREASON="MySQL not installed, or no t running"; fi
Register --test-no DBS-1816 --preqs-met ${PREQS_MET} --skip-reason "${SKIPRE ASON}" --weight L --network NO --category security --description "Checking MySQL root password" Register --test-no DBS-1816 --preqs-met ${PREQS_MET} --skip-reason "${SKIPRE ASON}" --weight L --network NO --category security --description "Checking MySQL root password"
if [ ${SKIPTEST} -eq 0 ]; then if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: Trying to login to local MySQL server without password" LogText "Test: Trying to login to local MySQL server without password"
# "-u root --password=" avoids ~/.my.cnf authentication settings # "-u root --password=" avoids ~/.my.cnf authentication settings
# "plugin = 'mysql_native_password' AND authentication_string = ''" avoi ds false positives when secure plugins are used # "plugin = 'mysql_native_password' AND authentication_string = ''" avoi ds false positives when secure plugins are used
FIND=$(${MYSQLCLIENTBINARY} --no-defaults -u root --password= --silent - -batch --execute="SELECT count(*) FROM mysql.user WHERE user = 'root' AND plugin = 'mysql_native_password' AND authentication_string = ''" mysql 2>/dev/null; ec ho $?) FIND=$(${MYSQLCLIENTBINARY} --no-defaults -u root --password= --silent - -batch --execute="SELECT count(*) FROM mysql.user WHERE user = 'root' AND plugin = 'mysql_native_password' AND authentication_string = ''" mysql > /dev/null 2>& 1; echo $?)
if [ "${FIND}" = "0" ]; then if [ "${FIND}" = "0" ]; then
LogText "Result: Login succeeded, no MySQL root password set!" LogText "Result: Login succeeded, no MySQL root password set!"
ReportWarning "${TEST_NO}" "No MySQL root password set" ReportWarning "${TEST_NO}" "No MySQL root password set"
Display --indent 4 --text "- Checking empty MySQL root password" --re sult "${STATUS_WARNING}" --color RED Display --indent 4 --text "- Checking empty MySQL root password" --re sult "${STATUS_WARNING}" --color RED
AddHP 0 5 AddHP 0 5
else else
LogText "Result: Login did not succeed, so a MySQL root password is set" LogText "Result: Login did not succeed, so a MySQL root password is set"
if IsVerbose; then Display --indent 4 --text "- Checking MySQL root password" --result "${STATUS_OK}" --color GREEN; fi if IsVerbose; then Display --indent 4 --text "- Checking MySQL root password" --result "${STATUS_OK}" --color GREEN; fi
AddHP 2 2 AddHP 2 2
fi fi
 End of changes. 2 change blocks. 
2 lines changed or deleted 2 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)